It was found that flite, a speech synthesis engine (text-to-speech), insecurely used a temporary file. A local attacker could use this flaw to perform a symbolic link attack to modify an arbitrary file accessible to the user running flite, or possibly obtain sensitive information as the temporary file may contain text-to-speech output (screen contents).
Acknowledgements:
This issue was discovered by Florian Weimer of the Red Hat Product Security Team.